Snowden Docs: Brits Hacked Accounts of Belgian IT Admins 126
An anonymous reader writes "British secret service GCHQ is willing to penetrate the networks of telecoms firms to subsequently use them for spying. German magazine DER SPIEGEL reports GCHQ hacked the machines of Belcacom staff to later use their GRX routers for targeted man-in-the-middle-attacks on people's phones. Belgacom is the biggest telecom in Belgium, and is partly state-owned. DER SPIEGEL publishes three original slides from a GCHQ presentation. They specifically mention targeting 'engineers/systems administrators.'"
So we've learned... (Score:1)
Didn't we already know this?
Re:So we've learned... (Score:5, Insightful)
1. This is not a government spying on another government.
2. Economic espionage is illegal
3. Breaching trust like this will lead to all sorts of blowback when partners find out, it's hardly a good idea.
GCHQ has strayed well over the line from protecting British interests against our enemies to economic and political espionage. This op was probably ordered at the behest of some American service anyway (to whom GCHQ are in hoc to the tune of hundreds of millions of dollars), who knows why or who it benefits, but it certainly isn't the people of the UK.
Re: (Score:2)
Re: (Score:2)
As far as I've been able to tell, most espionage of a materiel type requires spying on companies, as it's those companies that are the true producers of materiel, not governments themselves.
True. And if you were investing a weapons manufacturer in Syria nobody would blink. But Belgium is an ally.
This is like breaking into your friends house without provocation, you know, just in case... uh... something... something... terrorism.
Re: (Score:2)
I can't see the logic. This is just typical scaremongering and paranoia from the government.
The US government molests anyone who tries to get on a plane because there's a 0.000001% chance that they could be a terrorist, or something ridiculous like that. There is no "logic" here; just power-hungry pieces of trash.
Re: (Score:3)
in hoc to
Off-topic pedantry: the expression's in hock to, originating from a Dutch word for a kennel or lock-up or prison, informally used to describe someone in debt. Not related to Latin hoc, meaning "this", and common in phrases like post hoc ergo propter hoc ("after this, therefore because of this"), ad hoc ("for this [occasion]"), etc.
No, no -- read the slide! (Score:2)
in hoc to
Off-topic pedantry: the expression's in hock to...
No, no, it's not in hock, although that does rhyme -- read the slide! [spiegel.de] It says MyNOC .
It makes perfect sense. Chewing on the cables.
Cheers,
Re:So we've learned... (Score:4, Insightful)
There's no such thing as illegal to a government.
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Yet that's the exact arguments the UK government uses when it doesn't want to do something.
"We can't just not hand over Julian Assange because the whole extradition looks fishy because that would be illegal"
We have separation of our judicial branch from our government for a reason and they can't just pick and choose when they ignore the law even with their attempt at hijacking the judiciary with their politically appointed supreme court.
Re: (Score:1)
who knows why or who it benefits, but it certainly isn't the people of the UK.
Is that your evaluation based on many years of experience with the intelligence agencies? Or is it the snark of a passing minute on the internet?
NSA helped foil terror plot in Belgium, documents, officials say [cnn.com]
Police arrest 10 over Belgian 'Islamist terror plot' [bbc.co.uk]
Belgian police raid homes in connection with Syrian terror groups recruits [rt.com]
Two Belgian "terrorism" suspects detained in Yemen [reuters.com]
Fearing terror attack, Belgium arrests 14 [latimes.com]
Re:So we've learned... (Score:5, Interesting)
A couple of problems here. Firstly a lot of those stories refer to an event in 2008, and Der Spiegel claims GCHQ only got access to Belgacom in 2010. So their spying cannot have been relevant there.
Secondly, the evidence in those cases was the sort of thing that can be obtained using ordinary court orders or ordinary, limited and carefully controlled wiretaps. The people targeted went to the Afghan-Pakistani border for months and according to one article, some of them were already known criminals in Belgium even before then. Getting a tight, time limited court order for surveillance of these people within Belgium is easily possible - at no point would Britain hacking Belgium have been helpful in such a prosecution and indeed, would have been dangerous - if the evidence was obtained without a warrant and defence counsel found out, the case might have collapsed.
I strongly dislike this notion that the acts Snowden uncovered are all OK because occasionally, the authorities do manage to catch terrorists. Guess what? They also catch random serial killers, fraudsters, drunk drivers who do hit and runs, all kinds of other criminals .... just using the ordinary tools and strict supervision they are supposed to operate under. Where's the evidence that tightly specified, time limited court orders issued by open courts are insufficient? Can you point me to just one case of a terrorist who successfully blew himself up because a judge mistakenly denied a reasonable warrant request? I've not heard of such a thing, even though occasional mistakes would be expected and not by itself sufficient to conclude what the NSA/GCHQ does is necessary.
Re: (Score:2)
"Can you point me to just one case of a terrorist who successfully blew himself up because a judge mistakenly denied a reasonable warrant request?"
Perhaps somewhat ironically, a number of attacks that have succeeded such as the butchering of a soldier in London earlier this year were by people who were not only known to the security services, but whom the security services tried to recruit.
You're right, the security services can't even catch people sat right under their own noses when they have all the info
Re: (Score:2)
This op was probably ordered at the behest of some American service anyway
I love how every negative thing even other governments do is all our fault. I guess GCHQ is full of retards who can't wipe their ass without being told to by America. What a crock of shit.
There may be connections and there may have been discussion between GCHQ and NSA as we are allies but I'm tired of hearing how we're assholes for things that other people do. If our government agencies can order your government agencies around, you might as well call yourselves Americans, too.
Re: (Score:2)
Re: (Score:2)
Way to try and blame it on the Americans. I wish other countries could actually accept responsibility for their own actions once in a while.
Re: (Score:2)
Yes, the thing that bothers me most about all this though is the fact that the US seems to basically own GCHQ. We already had the story about how the US paid money for access to intelligence and influence on GCHQ but the fact that Snowden was able to pilfer some highly sensitive documents from the NSA about GCHQ is worrying.
Don't get me wrong, I'm absolutely glad Snowden did what he did but our intelligence services are way too close to and way too open with the US.
It's pretty clear what was meant now when
Re: (Score:2)
Did these acts take place in Britain, or on the continent? I don't think that British law can legalize something that's illegal in the place where it occurred, so the distinction is significant.
Re: (Score:2)
And how exactly do you know that all governments do this? That the British are in the same boat as the Americans has long been suspected. I don't see the Belgians mass monitoring Verizon calls in the US, do you?
Re: (Score:2)
I don't see the Belgians mass monitoring Verizon calls in the US, do you?
It's all a matter of capability, not interest.
Re: (Score:2)
...that all governments spy on all other governments, regardless of the state of cordiality between those nations.
Belgacom is a government?
Well, NATO is based in Belgium, so... (Score:1)
Truthfully, if any hub of communication on the continent was going to exploited and counter-expoited, it would be the trunks and infrastructure running into and out of Belgium. SHAEF is there and lots of other stuff. I wonder what will be unearthed about the Russians in Belgium?
Re: (Score:1)
Re: (Score:1)
It's unfixable. Because "fixing" would mean to develop a Belgian, serious IT security capability and probably dumping MS Windows.
That's expensive and will infuriate American Money. So this will never happen.
Re: (Score:1)
Belgacom also services N. Africa and parts of the middle east, not just Belgium itself and people roaming in Belgium. So the network is a juicy target for anyone wanting to indiscriminately sift through calls to/from these areas as well as those in Belgium itself.
Re: (Score:2)
Well given that Britain is the second largest military force in NATO after the US you'd think that we'd not need to hack it to find out what was going on.
This was probly at the request of (Score:2, Insightful)
Re: (Score:2)
Re: (Score:1)
If something could end the EU is this kind of actions from UK, how you continue in something based on mutual trust when that trust is not deserved? This century Axis of evil has changed actors, but once again are a few countries (some of them inside Europe, some of them outside) vs the rest of the world, just wait for their next moves if you are still not doped enough.
What many people forget is that you can have more than two axes. Along with the Axis of Evil, we've now got the Axis of Fascists, the Axis of Slime, and the Axis of "not as bad as them".
In other news, China must be laughing, as they don't have to even nudge anything to let all this take place and have everything fall into their lap. Doesn't mean they're not positioning themselves favourably though.
Consequences? (Score:5, Interesting)
Any chance the GCHQ people will do time in Belgian jails?
Any chance the U.K. will get an astronomical fine?
Re: (Score:2)
Good question, wonder what happens if the Belgian police issues an EAW, does the GCHQ operators have immunity for their crimes in the UK? Does the EAW apply in this case; in my mind it should, it would put some needed control over this crap.
Re: (Score:3)
Good question, wonder what happens if the Belgian police issues an EAW, does the GCHQ operators have immunity for their crimes in the UK? Does the EAW apply in this case; in my mind it should, it would put some needed control over this crap.
I would think that as long as they violated a law in Belgium that meets the EAW requirements and there is probable cause they could issue one. I'm not an expert in European law, but it seems like part of the deal in becoming a part of the EU is that you lose your sovereignty to protect your spies who are breaking laws in other member nations. One would think that in joining an alliance like the EU that you're supposed to stop treating other member states like enemies. If they needed to tap a cell phone i
Re: (Score:2)
Re: (Score:2)
...it's pretty damn hard to come up with plausible reason to listen to politicians of all EU countries.
Re: (Score:2)
What I'm curious about is whether the recent treaties and agreements about electronic warfare covers this as an act of war, and whether Belgium can request NATO and US support in said war with the UK...
Re: (Score:1)
Any chance the GCHQ people will do time in Belgian jails?
Any chance the U.K. will get an astronomical fine?
As a Belgian, I'm going to speculate that the GCHQ people will probably have to murder a couple of people before they'll be put into jail. They could get a house arrest, and maybe a fine, tops. Our jails are overcrowded and our legal system avoids jailing people if it's not absolutely necessary. Fun fact: It's not illegal to break out of jail in Belgium.
Such attacks should be anticipated (Score:2)
The rule of security is: Make it more expensive for the attacker than it's worth to them.
How much is it worth to spy agencies to have root access to telecom providers? Quite a bit, is my amateur guess. The telecom providers (and ISPs, etc.) should anticipate attacks proportional to the value, and implement security proportional to the anticipated attacks. (But do they really have a chance of holding off the NSA, GCHQ, etc.? Perhaps their own national intelligence agency could help, if their citizens can tru
Re: (Score:2)
Re:Such attacks should be anticipated (Score:4, Interesting)
NSA (& associates) made that equation worthless when started to require to manufacturers to insert backdoors and timebombs into their products and spread privileged access over too much people [salon.com].
So a single person or a group of them (either being insider, or finding how to access those backdoors deployed everywhere) with the right motivation can access most of world's critical information, including US one, and Snowden is a proof of that, the one that decided to go public, for good. What you don't know is how many in the past, present or future will abuse that privilege, or just will make a security mistake giving access to that information to the wrong people.
Sounds like Revenge... (Score:4, Insightful)
I could be way off base, but I bet this particular type of information was sought out from the leaks by Greenwald to dissuade GCHQ from behaving the way it did again...
Re: (Score:3, Interesting)
In response to the detention of Miranda, he said something along those lines:
the UK and US governments believe that tactics like this are going to deter or intimidate us in any way from continuing to report aggressively on what these documents reveal, they are beyond deluded. If anything, it will have only the opposite effect: to embolden us even further.
http://www.theguardian.com/commentisfree/2013/aug/18/david-miranda-detained-uk-nsa [theguardian.com]
Re: (Score:1)
So you think the US charged Snowden with theft of government property, and two espionage offenses of disseminating classified material to someone without a security clearance, and revealing signals intelligence as part of "psyop" operation? Pray tell, I'm intrigued with this theory. Could you elaborate on who the operation is targeting, and what its ultimate goal is? What outcome of this operation would constitute a successful mission?
Re: (Score:1)
It's about the German election and the Euro. The NSA/GCHQ thing is a "diversionary fire" so that the Euro-crimes are not in the public conscience.
Hercule (Score:1)
We already know (Score:3)
We already know that something between 1984 and the NAZI regime was being built. Snowden just brought it to everyone's attention.
The best thing we can do is either unplug all together or create custom P2P networks that breaks from the standard networks. We need to use disruptive technologies like CB, Zigbee, enhanced versions GPG, faxs, face to face communication, hell even FIDOnet would offer a level of privacy you usually can't get today.
Re: (Score:1)
You can use ANY machine securely with your self-made One-Time-Pad. It just requires less laziness than you currently display.
You can turn off your phone ANY time. You can leave your WLAN open and if everybody does it, they will have a hard time to perform traffic analysis.
Finally, you can use a watch and meet people in meat space at a certain time and certain place.
Re: (Score:2)
You don't even *need* all that, unless you really need security. If you just really don't want to be snooped on, a diversity of communication channels makes it more difficult to monitor all of them, so it decreases the probability of any one communication being snooped on. Which is why the G.P..s reference to fidonet was reasonable.
OTOH, this same diversity makes it difficult for you to contact a wide diversity of people. For that you need standardized approaches, like e-mail and web pages (depending on
Re: (Score:2)
Oh, if only "store and forward" weren't specifically outlawed by the FCC... Then you could buy an ISP device once, and never pay anything more than maintenance and electricity to join the encrypted mesh network. Instead we only allow corporations to do this, and charge by the bit. Wireless Plans, indeed.
Colocation? Bandwidth Problems? Hack because IPv4/6 lacks automatic caching of store and forward... And TCP is dumb.
yeah, yeah (Score:1)
Getting rather sick of just overview articles that tell what intelligence agencies are doing, but doesn't explain HOW they are doing it, or everything that they are doing with the collected data. Basically, the journalists have now become the gatekeepers of information deciding what the affected masses should see. Give us (tech community) specific details on who/what has been compromised so that mitigation can take place while we wait for legal and political solutions (if they ever come) to address the cr
Re: (Score:2)
The journalists don't tell you how it's done, because they don't understand the explanations. This isn't being a gatekeeper. This is being a "narrow passage".
P.S.:
It's been 4 minutes since you last successfully posted a comment
Chances are, you're behind a firewall or proxy, or clicked the Back button to accidentally reuse a form. Please try again. If the problem persists, and all other options have been tried, contact the site administrator.
Why don't they say how long you need to wait?
Major source of driveby downloads (Score:2)
So that's who keeps doing that. And I was blaming flash gaming sites that my mother-in-law goes to.
"willing to penetrate" (Score:1)
Ok so is anyone else getting suspicious? (Score:1)
Not of the NSA (I mean seriously, you weren't already?) but of these leaks? I am starting to have doubts that this one contractor had access to all this varied data, about various programs, and now even about non-American agencies.
I am seriously starting to wonder if he, or others, are making up some shit for their own ends. I just have trouble buying that he has all this disparate data, on all this stuff, particularly given the compartmentalization of highly classified data.
Re: (Score:1)
Re: (Score:2)
I'm quite sure his original stuff about the NSA's prism program is accurate. It is some of the later stuff I'm questioning. I don't doubt that he had access to classified data, and it certainly seem like it is at least somewhat, if not completely, accurate given the reaction. But then there keeps being more and more leaks that are less and less related, which do not seem to be generating much reaction.
It is just causing me to wonder on their veracity.
Re: (Score:1)
What if the Snownden thing IS the DIVERSION ? They have plenty of things they don't want in the public conscience. The Euro, the dollar, public debt spiralling...
I consider the Syria war a diversion, too. France is in deep economic shit, so they clamour for a new war. Then, there's an election in Germany this weekend.
Re: (Score:2)
Let me just clear up all your lack of access concerns: Omivore / Carnivore ran on Unix, it was ported to MS Windows when they made ECHELON, thus Windows is the platform PRISM runs on too.
The only thing suspicious about the reports is that the Chinese hackers who bust up all the SCADA and Windows-Ran Energy grid aren't corroborating the reports... You credit the NSA too highly. Where do you think they higher hackers from? That same group that makes a game out of getting root on Windows and other OSs?
Re: (Score:2)
The official line is that Snowden was just some basic contractor who was a network administrator but other sources that have done some digging seem to think he was one of the NSA's hired hackers contracted to attack other nation state's infrastructure.
Only it seems he turned on the NSA and hacked them instead, hence the access to all this data.
The problem is that the NSA was likely using the very algorithms and systems it had put backdoors into assuming that no one else would know about the backdoors so it
Brussels: location of EU headquarters (Score:2)
If you want to know more what each party is discussing with their national governments, can't think of a better place than hacking Belgian telecom.
This is why they did it.
P3RF1D3 4LB10N! (Score:2)
But but but (Score:2)
Everyone ( the idiots anyway ) say its only the USA that does this.. this cant be true..
Re: (Score:2)
He's right - Belgians aren't bullies. They were bullies, but then as he pointed out, nearly every developed country has been a bully at some stage in the past, and some still are.
Re: (Score:2)
You had me until your last line. You actually believe that people in the southern hemisphere are somehow morally superior?
Re: (Score:3, Informative)
They dont. Belgians arent bullies who try to intimidate everyone.
Yeah, well except that minor unpleasantness in the late 19th century where their King was responsible for the murder and genocide of between 2 and 15 million people in the Congo. [wikipedia.org]
The Royal House of Belgium was imposed on the Belgians by the English and the Germans, who were affraid of too much French influence in the country.
Leopold I van Saxen-Coburg was born in Coburg (Bavaria, Germany), he was the uncle of Queen Victoria (who was also part of the Saxe-Coburg family, they changed their name into Windsor to sound less German).
Congo was the _personal property_ of his son, Leopold II. After the outrage on how he treated the Africans, he "donated" it to the Belgian state as a colony.
Re: (Score:1)
The Royal House of Belgium was imposed on the Belgians by the English and the Germans, who were affraid of too much French influence in the country.
Leopold I van Saxen-Coburg was born in Coburg (Bavaria, Germany), he was the uncle of Queen Victoria (who was also part of the Saxe-Coburg family, they changed their name into Windsor to sound less German).
Congo was the _personal property_ of his son, Leopold II. After the outrage on how he treated the Africans, he "donated" it to the Belgian state as a colony. As a Belgian colony, Congo was not worse of than any other colony at the time (which is bad enough).
a King who seems- by all accounts- to have been the forerunner of Adolph Hitler
Leopold II did not want to exterminate the Africans (unlike Hitler who wanted to exterminate all Jews, Gypsies, gays and the mentally ill); he just wanted to make as much profit as possible. His way to make profit was cruel; but as much as I (an anonymous Belgian) hate him, comparing him to Hitler is trivializing the holocaust.
Just a reminder that another one of the colonies was Rwanda -- the situation there shows that Leopold II did not want to exterminate Africans, but he DID take a nation and separate the people there into two "races" based on looks and set up a "genetic" breeding program. Those Rwandans with European-looking features were allowed to marry each other and hold positions of power; those without European-looking features (darker skin, flatter nose, lower cheekbones, more protruding forehead) were excluded from t
Re: (Score:1)
The bombs in Belgium are under American control [wikipedia.org].
Hey, we're allies! Please treat us as such.
Re: (Score:1)
Re: (Score:1)
Dear Anonymous Coward,
We, being the fine people of the United Kingdom of Great Britain and Northern Ireland, wish to inform you that we have retained our ability to avoid the use of foul language. We also wish to inform you that your assumption that it has gone belies a spectacular lack of awareness on your part. So much so that I would wager my pet parrot against you in matters of general knowledge. Which is saying a lot, because my pet parrot died last week.
Sincerely,
A loyal subject of Her Majesty The Que
Re: (Score:1)
British are not citizens, they are subjects.
Re: (Score:2)
Re: (Score:1)
What fucking troll? And it's very much the topic. People are just going to lose interest until they hear or see something they didn't already suspect. And besides, this will have little to no effect on the next set of elections. You're still going to see nothing but republicans and democrats in power. And they sure don't care what the EU thinks. Their politicians are on board anyway. This is going nowhere fast. "Where's the beef?" What's going to be done about it? A big fat nothing, what's what. And certain